source: extensions/Icy_Picture_Modify/add_photos.php @ 20312

Last change on this file since 20312 was 16495, checked in by icy, 12 years ago

Version 2.0.0, advance ACL . Code copied from git/master.

I could not use merging with git svn . Stupidly copy-&-paste ;)

File size: 9.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
25
26global $template, $conf, $user;
27
28include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
29include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
30include_once(COMMUNITY_PATH.'include/functions_community.inc.php');
31
32define('PHOTOS_ADD_BASE_URL', make_index_url(array('section' => 'add_photos')));
33
34icy_acl_fix_community(icy_acl_load_configuration());
35
36$user_permissions = community_get_user_permissions($user['id']);
37
38if (count($user_permissions['upload_categories']) == 0 and !$user_permissions ['create_whole_gallery'])
39{
40  redirect(make_index_url());
41}
42
43// +-----------------------------------------------------------------------+
44// |                             process form                              |
45// +-----------------------------------------------------------------------+
46
47$page['errors'] = array();
48$page['infos'] = array();
49
50// this is for "browser uploader", for Flash Uploader the problem is solved
51// with function community_uploadify_privacy_level (see main.inc.php)
52$_POST['level'] = 16;
53
54if (isset($_GET['processed']))
55{
56  $hacking_attempt = false;
57
58  // is the user authorized to upload in this album?
59  if (!in_array($_POST['category'], $user_permissions['upload_categories']))
60  {
61    echo 'Hacking attempt, you have no permission to upload in this album';
62    $hacking_attempt = true;
63  }
64
65  if ($hacking_attempt)
66  {
67    if (isset($_SESSION['uploads'][ $_POST['upload_id'] ]))
68    {
69      delete_elements($_SESSION['uploads'][ $_POST['upload_id'] ], true);
70    }
71    exit();
72  }
73}
74
75include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_process.inc.php');
76
77if (isset($image_ids) and count($image_ids) > 0)
78{
79  // reinitialize the informations to display on the result page
80  $page['infos'] = array();
81
82  if (isset($_POST['set_photo_properties']))
83  {
84    $data = array();
85
86    $data['name'] = $_POST['name'];
87    $data['author'] = $_POST['author'];
88
89    if ($conf['allow_html_descriptions'])
90    {
91      $data['comment'] = @$_POST['description'];
92    }
93    else
94    {
95      $data['comment'] = strip_tags(@$_POST['description']);
96    }
97
98    $updates = array();
99    foreach ($image_ids as $image_id)
100    {
101      $update = $data;
102      $update['id'] = $image_id;
103
104      array_push($updates, $update);
105    }
106
107    mass_updates(
108      IMAGES_TABLE,
109      array(
110        'primary' => array('id'),
111        'update' => array_diff(array_keys($updates[0]), array('id'))
112        ),
113      $updates
114      );
115  }
116
117  // $category_id is set in the photos_add_direct_process.inc.php included script
118  $category_infos = get_cat_info($category_id);
119  $category_name = get_cat_display_name($category_infos['upper_names']);
120
121  array_push(
122    $page['infos'],
123    sprintf(
124      l10n('%d photos uploaded into album "%s"'),
125      count($page['thumbnails']),
126      '<em>'.$category_name.'</em>'
127      )
128    );
129
130  // should the photos be moderated?
131  //
132  // if one of the user community permissions is not moderated on the path
133  // to gallery root, then the upload is not moderated. For example, if the
134  // user is allowed to upload to events/parties with no admin moderation,
135  // then he's not moderated when uploading in
136  // events/parties/happyNewYear2011
137  $moderate = icy_acl("moderate_image");
138  if ($moderate)
139  {
140    $inserts = array();
141
142    $query = '
143SELECT
144    id,
145    date_available
146  FROM '.IMAGES_TABLE.'
147  WHERE id IN ('.implode(',', $image_ids).')
148;';
149    $result = pwg_query($query);
150    while ($row = pwg_db_fetch_assoc($result))
151    {
152      array_push(
153        $inserts,
154        array(
155          'image_id' => $row['id'],
156          'added_on' => $row['date_available'],
157          'state' => 'moderation_pending',
158          )
159        );
160    }
161
162    mass_inserts(
163      COMMUNITY_PENDINGS_TABLE,
164      array_keys($inserts[0]),
165      $inserts
166      );
167
168    // the link on thumbnail must go to the websize photo
169    foreach ($page['thumbnails'] as $idx => $thumbnail)
170    {
171      $page['thumbnails'][$idx]['link'] = str_replace(
172        'thumbnail/'.$conf['prefix_thumbnail'],
173        '',
174        $thumbnail['src']
175        );
176    }
177
178    array_push(
179      $page['infos'],
180      l10n('Your photos are waiting for validation, administrators have been notified')
181      );
182  }
183  else
184  {
185
186    // the level of a user upload photo with no moderation is 0
187    $query = '
188UPDATE '.IMAGES_TABLE.'
189  SET level = 0
190  WHERE id IN ('.implode(',', $image_ids).')
191;';
192    pwg_query($query);
193
194    // the link on thumbnail must go to picture.php
195    foreach ($page['thumbnails'] as $idx => $thumbnail)
196    {
197      if (preg_match('/(image_id=|photo-)(\d+)/', $thumbnail['link'], $matches))
198      {
199        $page['thumbnails'][$idx]['link'] = make_picture_url(
200          array(
201            'image_id' => $matches[2],
202            'image_file' => $thumbnail['file'],
203            'category' => $category_infos,
204            )
205          );
206      }
207    }
208  }
209
210  invalidate_user_cache();
211
212  // let's notify administrators
213  include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
214
215  $keyargs_content = array(
216    get_l10n_args('Hi administrators,', ''),
217    get_l10n_args('', ''),
218    get_l10n_args('Album: %s', get_cat_display_name($category_infos['upper_names'], null, false)),
219    get_l10n_args('User: %s', $user['username']),
220    get_l10n_args('Email: %s', $user['email']),
221    );
222
223  if ($moderate)
224  {
225    $keyargs_content[] = get_l10n_args('', '');
226
227    array_push(
228      $keyargs_content,
229      get_l10n_args(
230        'Validation page: %s',
231        get_absolute_root_url().'admin.php?page=plugin-community-pendings'
232        )
233      );
234  }
235
236  pwg_mail_notification_admins(
237    get_l10n_args('%d photos uploaded by %s', array(count($image_ids), $user['username'])),
238    $keyargs_content,
239    false
240    );
241}
242
243// +-----------------------------------------------------------------------+
244// |                             prepare form                              |
245// +-----------------------------------------------------------------------+
246
247$template->set_filenames(array('add_photos' =>  dirname(__FILE__).'/../community/add_photos.tpl'));
248
249include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_prepare.inc.php');
250
251// we have to change the list of uploadable albums
252$upload_categories = $user_permissions['upload_categories'];
253if (count($upload_categories) == 0)
254{
255  $upload_categories = array(-1);
256}
257
258$query = '
259SELECT id,name,uppercats,global_rank
260  FROM '.CATEGORIES_TABLE.'
261  WHERE id IN ('.implode(',', $upload_categories).')
262;';
263
264display_select_cat_wrapper(
265  $query,
266  $selected_category,
267  'category_options'
268  );
269
270$create_subcategories = false;
271if ($user_permissions['create_whole_gallery'] or count($user_permissions['create_categories']) > 0)
272{
273  $create_subcategories = true;
274}
275
276$create_categories = $user_permissions['create_categories'];
277if (count($user_permissions['create_categories']) == 0)
278{
279  $create_categories = array(-1);
280}
281
282$query = '
283SELECT id,name,uppercats,global_rank
284  FROM '.CATEGORIES_TABLE.'
285  WHERE id IN ('.implode(',', $create_categories).')
286;';
287
288display_select_cat_wrapper(
289  $query,
290  $selected_category,
291  'category_parent_options'
292  );
293
294$template->assign(
295  array(
296    'create_subcategories' => $create_subcategories,
297    'create_whole_gallery' => $user_permissions['create_whole_gallery'],
298    )
299  );
300
301if (isset($conf['community_ask_for_properties']) and $conf['community_ask_for_properties'])
302{
303  $template->assign(
304    array(
305      'community_ask_for_properties' => true,
306      )
307    );
308}
309
310// +-----------------------------------------------------------------------+
311// |                             display page                              |
312// +-----------------------------------------------------------------------+
313
314if (count($page['errors']) != 0)
315{
316  $template->assign('errors', $page['errors']);
317}
318
319if (count($page['infos']) != 0)
320{
321  $template->assign('infos', $page['infos']);
322}
323
324$title = l10n('Upload Photos');
325$page['body_id'] = 'theUploadPage';
326
327$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'add_photos');
328
329$template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED'));
330
331$template->assign(
332  array(
333    'TITLE' => '<a href="'.get_gallery_home_url().'">'.l10n('Home').'</a>'.$conf['level_separator'].$title,
334    )
335  );
336?>
Note: See TracBrowser for help on using the repository browser.